The technology includes a method to test what information an application transfers to an external computing device. A user's consent is explicitly obtained before the application transfers certain types of information, such as sensitive information. When a determination is made that an application is transferring sensitive information, a prompt for consent from a user may be provided that is accurate and detailed. In pre-production environments, technology can be used to detect whether this sensitive information is being transferred, and to validate whether a prompt for consent is necessary or unnecessary. To determine this, shimming is used to intercept application calls to APIs that return sensitive information. Requested sensitive information may be substituted with recorded or forged information from those APIs to produce a sentinel or canary. Similarly, network traffic of the application may be analyzed by another shim to determine when the substitute information is present.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method to test an application, the method comprising: providing substitute information, temporarily replacing information received in a request from the application, as the information to the application using a shim; receiving a request from the application to output application information to an external computing device; inspecting the application information before encryption using another shim during execution of the application to determine whether the substitute information is included in the application information; obtaining an indication of consent of a user to transfer the application information to the external computing device; and after replacing the substitute information, outputting the application information to the external computing device after testing indicates that the application intends to transfer the application information, wherein the application information includes a video signal.
2. The method of claim 1 , wherein the method is performed at least partially by at least one processor executing an operating system and the application stored on a memory in a computing device.
3. The method of claim 2 , wherein the information is sensitive information.
4. The method of claim 3 , wherein the method is performed during a certification or verification process of the application.
5. The method of claim 1 , wherein the receiving the request from the application for the information includes the application calling a first application programming interface and receiving the request from the application to output includes the application calling a second application programming interface.
6. The method of claim 5 , wherein the inspecting includes searching a buffer storing the application information to be outputted to the external computing device for the substitute information in the application information.
7. The method of claim 6 , wherein the substitute information is selected from one of forged information and recorded information.
8. The method of claim 7 , wherein receiving and determining is at least partially performed by an operating system, wherein the application includes an electronic interactive game.
9. The method of claim 8 , further comprising outputting the application information, after replacing the substitute information, to the external computing device after testing indicates that the application intends to transfer the application information.
10. An apparatus comprising: at least one camera to obtain a video signal; at least one processor; and at least one processor readable memory to store an application having processor readable instructions and an authorization list comprising one or more authorized network addresses that the application can communicate with when executing, and the at least one processor readable memory to store an operating system that may allow the application to transfer at least a portion of the video signal to a computing device at one of the one or more authorized network addresses, wherein the at least one processor executes the processor readable instructions of the operating system and the application to: receive, by the operating system, a request from the application for the video signal obtained by the at least one camera, provide a substitute video signal comprising at least one of false recorded and forged information, by the operating system, to the application, receive, by the operating system, a request from the application to output application information to an external computing device, and before obtaining a user consent during execution of the application, determine whether the application outputs the application information by identifying the application as a trusted or non-trusted application based on the authorization list read from the application, wherein the request from the application for the video signal includes a call to an application programming interface to retrieve the video signal and the request from the application to output application information to the external computing device includes a call to an application programming interface to output the application information to a network address of the computing device.
11. The apparatus of claim 10 , wherein the apparatus further includes a traffic buffer to store the application information and the operating system inspects the application information stored in the traffic buffer to determine whether the substitute video signal is stored in the application information.
12. The apparatus of claim 11 , wherein in response to identifying the application as non-trusted: inspect, by the operating system, the application information to determine whether the substitute video signal is included in the application information, and output, by the operating system, the application information to the external computing device when an indication of consent is obtained by a user.
13. The apparatus of claim 10 , wherein the at least one processor executes the processor readable instructions of the operating system and the application such that an indication of consent occurs before the application is transferred to the external computing device.
14. One or more processor readable memories having instructions encoded thereon which when executed cause one or more processors to perform a method, the method comprising: receiving a request for sensitive information from an application by calling a first application programming interface that returns the sensitive information; replacing the sensitive information with substitute information by intercepting the calls to the first application programming interface using a shim; providing the substitute information as the sensitive information to the application; receiving a request from the application to output application information to an external computing device at a network address by calling a second application programming interface; searching the application information, prior to encryption, to determine whether the substitute information is included in the application information using another shim to intercept the call to the second application programming interface; after replacing the substitute information, outputting the application information to the external computing device after testing indicates that the application intends to transfer the application information; and receiving the sensitive information, wherein the sensitive information includes at least a frame of a video signal and the substitute information is a frame of another video signal.
15. The one or more processor readable memories of claim 14 , wherein receiving a request for the sensitive information from an application includes the first application programming interface to retrieve the sensitive information, and receiving a request from the application to output application information to the external computing device at the network address includes the second application programming interface to output the application information to the external computing device at the network address.
16. The one or more processor readable memories of claim 15 , wherein the method further comprises receiving consent of a user before transferring the application information.
17. The one or more processor readable memories of claim 16 , further comprising outputting the application information in an encrypted format to the external computing device at the network address.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
March 29, 2017
October 8, 2019
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.